[packages/samba4] - updated to 4.0.7 - added samba AD SysV init script - updated patches - added patch to allow settin

baggins baggins at pld-linux.org
Tue Jul 2 21:49:13 CEST 2013 

commit 8d91a8d66d5499bff08611742f0b13146e4301e4
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Tue Jul 2 21:48:19 2013 +0200

    - updated to 4.0.7
    - added samba AD SysV init script
    - updated patches
    - added patch to allow setting unicodePwd with encoded NThash vlaue over LDAP

 samba-nscd.patch                         |   6 +-
 samba.init                               | 110 +++++++++++++++++++++++++++++++
 samba4.spec                              |  46 ++++++++-----
 system-heimdal.patch                     |   9 ---
 unicodePwd-nthash-values-over-LDAP.patch |  47 +++++++++++++
 5 files changed, 191 insertions(+), 27 deletions(-)
---
diff --git a/samba4.spec b/samba4.spec
index fe878b8..00733b0 100644
--- a/samba4.spec
+++ b/samba4.spec
@@ -14,8 +14,8 @@
 
 %if %{with system_libs}
 %define		talloc_ver	2.0.7
-%define		tdb_ver		2:1.2.10
-%define		ldb_ver		1.1.15
+%define		tdb_ver		2:1.2.11
+%define		ldb_ver		1.1.16
 %define		tevent_ver	0.9.18
 %endif
 
@@ -23,13 +23,13 @@
 Summary:	Active Directory server
 Summary(pl.UTF-8):	Serwer Active Directory
 Name:		samba4
-Version:	4.0.5
-Release:	0.3
+Version:	4.0.7
+Release:	0.5
 Epoch:		1
 License:	GPL v3
 Group:		Networking/Daemons
 Source0:	http://www.samba.org/samba/ftp/stable/samba-%{version}.tar.gz
-# Source0-md5:	58ec2fec08872b72f8fd526f2da20a9e
+# Source0-md5:	d887c1383654fc60b7bb1b74d273a826
 Source1:	smb.init
 Source2:	samba.pamd
 Source3:	swat.inetd
@@ -38,14 +38,15 @@ Source5:	samba.logrotate
 Source6:	smb.conf
 Source7:	winbind.init
 Source8:	winbind.sysconfig
+Source9:	samba.init
 Source10:	https://github.com/downloads/fumiyas/samba-virusfilter/samba-virusfilter-%{virusfilter_version}.tar.bz2
 # Source10-md5:	a3a30d5fbf309d356e8c5833db680c17
 Patch0:		system-heimdal.patch
 Patch1:		samba-c++-nofail.patch
 Patch3:		samba-nscd.patch
 Patch4:		samba-lprng-no-dot-printers.patch
-Patch5:		samba-fam.patch
-Patch6:		systemd-pid-dir.patch
+Patch5:		systemd-pid-dir.patch
+Patch6:		unicodePwd-nthash-values-over-LDAP.patch
 URL:		http://www.samba.org/
 BuildRequires:	acl-devel
 BuildRequires:	autoconf
@@ -98,6 +99,15 @@ BuildConflicts:	libbsd-devel
 Requires(post,preun):	/sbin/chkconfig
 Requires:	%{name}-common = %{epoch}:%{version}-%{release}
 Requires:	%{name}-common-server = %{epoch}:%{version}-%{release}
+#%if %{with system_libs}
+#Requires:	ldb >= %{ldb_ver}
+#Requires:	python-ldb >= %{ldb_ver}
+#Requires:	python-talloc >= %{talloc_ver}
+#Requires:	python-tevent >= %{tevent_ver}
+#Requires:	talloc >= %{talloc_ver}
+#Requires:	tdb >= %{tdb_ver}
+#Requires:	tevent >= %{tevent_ver}
+#%endif
 Requires:	logrotate >= 3.7-4
 Requires:	pam >= 0.99.8.1
 Requires:	rc-scripts >= 0.4.0.12
@@ -791,7 +801,7 @@ cd pidl
 
 %install
 rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/etc/{logrotate.d,rc.d/init.d,pam.d,security,sysconfig/rc-inetd,ld.so.conf.d} \
+install -d $RPM_BUILD_ROOT/etc/{logrotate.d,rc.d/init.d,pam.d,security,sysconfig/rc-inetd,ld.so.conf.d,env.d} \
 	$RPM_BUILD_ROOT{/var/{log/archive,spool}/samba,/var/lib/samba/printing} \
 	$RPM_BUILD_ROOT/var/log/samba/cores/{smbd,nmbd} \
 	$RPM_BUILD_ROOT{/sbin,/%{_lib}/security,%{_libdir},%{_libdir}/samba/vfs,%{_includedir},%{_sambahome},%{schemadir}} \
@@ -834,6 +844,9 @@ cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/logrotate.d/samba
 cp -p %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/samba/smb.conf
 install -p %{SOURCE7} $RPM_BUILD_ROOT/etc/rc.d/init.d/winbind
 cp -p %{SOURCE8} $RPM_BUILD_ROOT/etc/sysconfig/winbind
+install -p %{SOURCE9} $RPM_BUILD_ROOT/etc/rc.d/init.d/samba
+
+echo "LDB_MODULES_PATH=%{_libdir}/samba/ldb" > $RPM_BUILD_ROOT/etc/env.d/LDB_MODULES_PATH
 
 # move lib{smb,wb}client where they always were for compatibility
 %{__mv} $RPM_BUILD_ROOT%{_libdir}/samba/libsmbclient.so.* $RPM_BUILD_ROOT%{_libdir}
@@ -874,7 +887,6 @@ install examples/LDAP/samba.schema $RPM_BUILD_ROOT%{schemadir}
 
 # remove man pages for not installed commands
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/log2pcap.1*
-%{__rm} $RPM_BUILD_ROOT%{_mandir}/man1/smbtar.1*
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/man8/vfs_cacheprime.8*
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/man8/vfs_gpfs.8*
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/man8/vfs_prealloc.8*
@@ -888,15 +900,15 @@ install examples/LDAP/samba.schema $RPM_BUILD_ROOT%{schemadir}
 rm -rf $RPM_BUILD_ROOT
 
 %post
-#/sbin/chkconfig --add samba
-#%service samba restart "Samba AD daemon"
+/sbin/chkconfig --add samba
+%service samba restart "Samba AD daemon"
 %systemd_post samba.service
 
 %preun
-#if [ "$1" = "0" ]; then
-#	%service samba stop
-#	/sbin/chkconfig --del samba
-#fi
+if [ "$1" = "0" ]; then
+	%service samba stop
+	/sbin/chkconfig --del samba
+fi
 %systemd_preun samba.service
 
 %postun
@@ -956,6 +968,8 @@ fi
 
 %files
 %defattr(644,root,root,755)
+%config(noreplace) %verify(not md5 mtime size) /etc/env.d/LDB_MODULES_PATH
+%attr(754,root,root) /etc/rc.d/init.d/samba
 %{systemdunitdir}/samba.service
 %{systemdtmpfilesdir}/samba.conf
 %attr(755,root,root) %{_bindir}/oLschema2ldif
@@ -1549,12 +1563,14 @@ fi
 %attr(755,root,root) %{_bindir}/sharesec
 %attr(755,root,root) %{_bindir}/smbcacls
 %attr(755,root,root) %{_bindir}/smbclient
+%attr(755,root,root) %{_bindir}/smbtar
 %attr(755,root,root) %{_bindir}/smbtree
 %{_mandir}/man1/nmblookup.1*
 %{_mandir}/man1/rpcclient.1*
 %{_mandir}/man1/sharesec.1*
 %{_mandir}/man1/smbcacls.1*
 %{_mandir}/man1/smbclient.1*
+%{_mandir}/man1/smbtar.1*
 %{_mandir}/man1/smbtree.1*
 %{_mandir}/man8/net.8*
 
diff --git a/samba-nscd.patch b/samba-nscd.patch
index 30dc4b9..8dc912f 100644
--- a/samba-nscd.patch
+++ b/samba-nscd.patch
@@ -2,12 +2,12 @@ diff -urN samba-3.2.1.org/source3/Makefile.in samba-3.2.1/source3/Makefile.in
 --- samba-3.2.1.org/source3/Makefile.in	2008-08-05 08:22:33.000000000 +0200
 +++ samba-3.2.1/source3/Makefile.in	2008-08-17 23:24:32.085914644 +0200
 @@ -1430,7 +1430,7 @@
- 	@$(CC) -o $@ $(LDFLAGS) $(PASSDB_LIBS) $(RPCCLIENT_OBJ) \
+ 	@$(CC) -o $@ $(LDFLAGS) $(RPCCLIENT_OBJ) \
  		$(DYNEXP) $(TERMLDFLAGS) $(TERMLIBS) $(LIBS) $(POPT_LIBS) \
- 		$(KRB5LIBS) $(LDAP_LIBS) $(LIBTALLOC_LIBS) $(LIBTDB_LIBS) \
+ 		$(KRB5LIBS) $(LDAP_LIBS) $(LIBTALLOC_LIBS) $(LIBTEVENT_LIBS) $(LIBTDB_LIBS) \
 -		$(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) $(PASSDB_LIBS)
 +		$(LIBWBCLIENT_LIBS) $(ZLIB_LIBS) $(PASSDB_LIBS) $(NSCD_LIBS)
  
- bin/smbclient at EXEEXT@: $(BINARY_PREREQS) $(CLIENT_OBJ) @BUILD_POPT@ @LIBTALLOC_TARGET@ @LIBTDB_TARGET@ @LIBWBCLIENT_TARGET@
+ bin/smbclient: $(BINARY_PREREQS) $(CLIENT_OBJ) @BUILD_POPT@ $(LIBTALLOC) $(LIBTEVENT) $(LIBTDB) $(LIBWBCLIENT)
  	@echo Linking $@
 
diff --git a/samba.init b/samba.init
new file mode 100644
index 0000000..b1b7ea8
--- /dev/null
+++ b/samba.init
@@ -0,0 +1,110 @@
+#!/bin/sh
+#
+# chkconfig:	345 91 35
+# description:	Starts and stops the Samba daemon \
+#		used to provide Active Directory services.
+#
+# config:	/etc/samba/smb.conf
+# processname:	samba
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+# Demon specified configuration.
+[ -f /etc/sysconfig/samba ] && . /etc/sysconfig/samba
+
+# Check that networking is up.
+if is_yes "${NETWORKING}"; then
+	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status ]; then
+		msg_network_down "Samba AD Server"
+		exit 1
+	fi
+else
+	exit 0
+fi
+
+TMPDIR="/tmp"; export TMPDIR
+unset TMP || :
+
+start() {
+	# Check if the service is already running?
+	if [ -f /var/lock/subsys/samba ]; then
+		msg_already_running "Samba AD Server"
+		return
+	fi
+
+	msg_starting "Samba AD Server"
+	daemon /usr/sbin/smbd $SAMBAOPTIONS
+	RETVAL=$?
+	if [ $RETVAL -eq 0 ]; then
+		touch /var/lock/subsys/samba
+	fi
+}
+
+stop() {
+	# Stop daemons.
+	if [ ! -f /var/lock/subsys/samba ]; then
+		msg_not_running "Samba AD Server"
+		return
+	fi
+
+	msg_stopping "Samba SMB/CIFS Server"
+	killproc --pidfile /var/run/samba/samba.pid samba
+	rm -f /var/lock/subsys/samba >/dev/null 2>&1
+}
+
+reload() {
+	if [ ! -f /var/lock/subsys/samba ]; then
+		msg_not_running "Samba AD Server"
+		RETVAL=7
+		return
+	fi
+
+	msg_reloading "Samba AD Server"
+	killproc --pidfile /var/run/samba/samba.pid samba -HUP
+	RETVAL=$?
+}
+
+condrestart() {
+	if [ ! -f /var/lock/subsys/samba ]; then
+		msg_not_running "Samba AD Server"
+		RETVAL=$1
+		return
+	fi
+
+	stop
+	start
+}
+
+RETVAL=0
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart)
+	stop
+	start
+	;;
+  try-restart)
+	condrestart 0
+	;;
+  reload|force-reload)
+	reload
+	;;
+  status)
+	status samba
+	RETVAL=$?
+	;;
+  *)
+	msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"
+	exit 3
+esac
+
+exit $RETVAL
diff --git a/system-heimdal.patch b/system-heimdal.patch
index 84bb56a..5b8b60e 100644
--- a/system-heimdal.patch
+++ b/system-heimdal.patch
@@ -1,14 +1,5 @@
 --- samba-4.0.0/source4/heimdal_build/wscript_build~	2012-12-04 11:07:44.000000000 +0100
 +++ samba-4.0.0/source4/heimdal_build/wscript_build	2013-01-07 15:09:18.976932049 +0100
-@@ -947,7 +947,7 @@
- 
- HEIMDAL_BINARY('samba4kgetcred',
-     'kuser/kgetcred.c',
--    deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto',
-+    deps='krb5 heimntlm roken HEIMDAL_VERS hcrypto asn1',
-     install=False
-     )
- 
 @@ -953,7 +953,7 @@
  
  HEIMDAL_BINARY('samba4kpasswd',
diff --git a/unicodePwd-nthash-values-over-LDAP.patch b/unicodePwd-nthash-values-over-LDAP.patch
new file mode 100644
index 0000000..e7f7c42
--- /dev/null
+++ b/unicodePwd-nthash-values-over-LDAP.patch
@@ -0,0 +1,47 @@
+
+Allow setting unicodePwd with NTHash vlue over LDAP
+
+--- samba-4.0.7/source4/libcli/ldap/ldap_controls.c~	2013-07-02 20:19:37.554868793 +0200
++++ samba-4.0.7/source4/libcli/ldap/ldap_controls.c	2013-07-02 21:00:47.595973713 +0200
+@@ -1293,7 +1293,7 @@
+ 	{ LDB_CONTROL_REVEAL_INTERNALS, NULL, NULL },
+ 	{ LDB_CONTROL_AS_SYSTEM_OID, NULL, NULL },
+ 	{ DSDB_CONTROL_PASSWORD_CHANGE_STATUS_OID, NULL, NULL },
+-	{ DSDB_CONTROL_PASSWORD_HASH_VALUES_OID, NULL, NULL },
++	{ DSDB_CONTROL_PASSWORD_HASH_VALUES_OID, decode_flag_request, encode_flag_request },
+ 	{ DSDB_CONTROL_PASSWORD_CHANGE_OID, NULL, NULL },
+ 	{ DSDB_CONTROL_APPLY_LINKS, NULL, NULL },
+ 	{ LDB_CONTROL_BYPASS_OPERATIONAL_OID, NULL, NULL },
+--- samba-4.0.7/source4/dsdb/samdb/ldb_modules/password_hash.c~	2013-07-02 20:01:42.731518064 +0200
++++ samba-4.0.7/source4/dsdb/samdb/ldb_modules/password_hash.c	2013-07-02 20:39:24.909757777 +0200
+@@ -3386,10 +3386,29 @@
+ 	return ldb_next_request(ac->module, mod_req);
+ }
+ 
++static int password_hash_init(struct ldb_module *module)
++{
++	struct ldb_context *ldb;
++	int ret;
++
++	ldb = ldb_module_get_ctx(module);
++
++	ret = ldb_mod_register_control(module, DSDB_CONTROL_PASSWORD_HASH_VALUES_OID);
++	if (ret != LDB_SUCCESS) {
++		ldb_debug(ldb, LDB_DEBUG_ERROR,
++				"password_hash: Unable to register control (%s) with rootdse!\n",
++				DSDB_CONTROL_PASSWORD_HASH_VALUES_OID);
++		return ldb_operr(ldb);
++	}
++
++	return ldb_next_init(module);
++}
++
+ static const struct ldb_module_ops ldb_password_hash_module_ops = {
+ 	.name          = "password_hash",
+ 	.add           = password_hash_add,
+-	.modify        = password_hash_modify
++	.modify        = password_hash_modify,
++	.init_context  = password_hash_init
+ };
+ 
+ int ldb_password_hash_module_init(const char *version)
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/samba4.git/commitdiff/8d91a8d66d5499bff08611742f0b13146e4301e4

More information about the pld-cvs-commit mailing list